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EXAMINER'S ANSWER 



This is in response to the appeal brief filed 25 April 2006 appealing from the 
Office action mailed 16 February 2006. 
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(1) Real Party in Interest 

A statement identifying by name the real party in interest is contained in 
the brief. 

(2) Related Appeals and Interferences 

The examiner is not aware of any related appeals, interferences, or 
judicial proceedings which will directly affect or be directly affected by or have a 
bearing on the Board's decision in the pending appeal. 

(3) Status of Claims 

The statement of the status of claims contained in the brief is correct. 
However, the status of the claims have been changed as follows: 

(a) Claims objected to: 7, 15 and 23 (these claims are objected to 
as being dependent upon a rejected base claim, but would be allowable if 
rewritten in independent form including all of the limitations of the base 
claim and any intervening claims. 

(b) The rejections of claims 6, Hand 22 under 35 U.S. C. 112, first 
paragraph, have been withdrawn in view of Applicant's Appeal Brief filed 
25 April 2006. 

(c) Claims 1 - 6, 8 - 14, 16 - 22 and 24 are maintained under the 
35 U.S.C. 1 03(a) rejection of Savill in view of Wu. 
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(4) Status of Amendments After Final 

The appellant's statement of the status of amendments after final rejection 
contained in the brief is correct. 

(5) Summary of Claimed Subject Matter 

The summary of claimed subject matter contained in the brief is correct. 

(6) Grounds of Rejection to be Reviewed on Appeal 

(a) WITHDRAWN REJECTIONS 

The following grounds of rejection are not presented for review on 
appeal because they have been withdrawn by the examiner: As per claim 
6, 14 and 22, the rejections under 35 U.S.C. 112, first paragraph, have 
been withdrawn in view of Applicant's Appeal Brief filed 25 April 2006. 

(b) GROUND OF REJECTION 

Claims 1 -6, 8 - 14, 16 -22 and 24 are rejected under 35 U.S.C. 
103(a) as being unpatentable over Savill (Where can I find a Unix su like 
utility?) and in view of Wu (U.S. Patent No. 5,774,551). 

(7) Claims Appendix 

The copy of the appealed claims contained in the Appendix to the brief is 
correct. 
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(8) Evidence Relied Upon 

John Savill: "Where can I find a Unix SU (substitute user) like utility?" 
InstantDoc #15120 (December 10, 1999). 
Wu et al. U.S. Patent No. 5,774,551 

(9) Grounds of Rejection 

The following ground(s) of rejection are applicable to the appealed claims: 

1. Claim 1 -6, 8-14, 16 -22 and 24 are rejected under 35 U.S. C. 103(a) 
as being unpatentable over Savill (Where can I find a Unix su like utility?) and in 
view of Wu (U.S. Patent No. 5,774,551), hereinafter referred to as Wu, 

As per claims 1, 9 and 17, Savill discloses an authentication method, 
product and system comprising: 

generating a first security context in response to a first user authentication 
(Savill: Page 1 Line 2: the low privileged account is interpreted as the 1®* security 
context and the login / logoff must be involved generating the security context in 
order to perform the user authentications), 

generating a second security context in response to a second user 
authentication (Savill: Page 1 Line 3: the higher privileged account is interpreted 
as the 2"^ security context and the login / logoff must be involved generating the 
security context in order to perform the user authentications); However, Savil 
does not disclose expressly said second security context aggregates said first 
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security context and a security context corresponding to an identity in said 
second user authentication. 

Wu teaches said second security context is an aggregate of said first 
security context and a security context corresponding to an identity in said 
second user authentication (Wu: Column 6 Line 65 Column 7 Line 1 : stacking 
multiple authentication services as taught by Wu is interpreted as aggregating 
first security context into the second security context). Please also see the detail 
rational of rejections set forth on Section (10) Response to Argument (ltem# 1 ) of 
this Examiner Answer for expanded Examiner arguments. 

It would have been obvious to a person of ordinary skill in the art at the 
time the invention was made to combine the teaching of Wu within the system of 
Savil because (a) Wu's reference resolves the problem presented by Savill to 
avoid logoff existing user application account prior to logon to a new user 
application account (Savil: Page 1 Line 4); where Wu teaches both of the existing 
and new logical application accounts can be managed at the same time (Wu: 
Column 2 Line 62 - 67: there is no need to logout all authentication services 
before login another session) - See MPEP §2143.01, (b) Savil discloses the 
needs of multiple login due to different type of works associated with the same 
personnel, and (b) Wu teaches providing a simplified login embodiment using 
automatic multi-login (i.e. unified logon) so that the same personnel need not 
manually login multiple times for different types of works, which is substantially 
improves in the ease of use of otherwise complex computer security systems 
(Wu: Column 3 Line 56 - 57 and Column 4 Line 25 - 28). 
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As per claims 2, 10, and 18, Savil as modified teaches the claimed 
invention as described above (see claim 1, 9 and 17, respectively). Wu further 
teaches: saving said first security context (Wu: Column 3 Line 56 - 57). 

As per claims 3, 1 1 , and 19, Savil as modified teaches the claimed 
invention as described above (see claim 2, 10 and 18, respectively). Wu further 
teaches: saving said first security context comprises the step of pushing said first 
security context on a stack (Wu: Column 6 Line 64 - 67 and Column 7 Line 1 - 
4). 

As per claims 4, 12, and 20, Savil as modified teaches the claimed 
invention as described above (see claim 1 , 9 and 17, respectively). Savil further 
teaches: receiving a user logoff (Savil: Page 1 Line 4). 

As per claims 5, 13, and 21, Savil as modified teaches the claimed 
invention as described above (see claim 4, 12 and 20, respectively). Wu further 
teaches: destroying said second security context in response to said step of 
receiving said user logoff (Wu: Column 19 Line 60 - 64). 

As per claims 6, 14 and 22, Savil as modified teaches the claimed 
invention as described above (see claim 2, 10 and 18, respectively). Savill 
teaches reverting to said first security context in response to a user logoff, 
wherein said first security context is then used to access security protected 
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resources by a user who issued the user logoff (Savill: Line 1 - 5: Savil teaches 
allowing the user to just temporarily start the new application account so that the 
user can avoid closing all open application and logoff and therefore, after 
establishing and servicing combined multiple account service managements, the 
logoff would logout the temporary new application first and thus revert back to the 
original user application account). 

As per claims 8, 16, and 24, Savil as modified teaches the claimed 
invention as described above (see claim 1, 9 and 17, respectively). Wu further 
teaches: determining an access permission in response to said second security 
context (Wu: Column 3 Line 11 - 14 and Column 6 Line 17-22. TABLE 1, 
Column 1 7 Line 40 - 44, Column 1 0 Line 33 - 35 and Column 1 9, Line 54 - 56). 

Allowable Subject Matter 

The rejections of claim 7, 15 and 23 have been withdrawn after the review 
of Applicant's Appeal Brief filed 25 April 2006. These claims are objected to as 
being dependent upon a rejected base claim, but would be allowable if rewritten 
in independent form including all of the limitations of the base claim and any 
intervening claims. 



Application/Control Number: 09/731 ,623 Page 8 

Art Unit: 2131 

(10) Response to Argument 

In the instant appeal brief, Applellanthas the presented the following 
arguments: 

1. Claims 1 - 5, 8 - 13, 15 - 21 and 24: Wu expressly teaches 
away any action In response to such (missing) second user 
authentication, by its teaching of a unified, single user login. 

Appellant alleged: "Wu*s stacking of authentication services is not 
done in response to a second authentication, but rather is pre-existing 
and independent of any actual user authentication action; and 
importantly, Wu expressly teaches away from a second user 
authentication, or teaches away any action in response to such 
(missing) second user authentication, by its teaching of a unified, 
single user login". Examiner respectfully disagrees. In view of Wu's 
reference, Wu's unified login does include the second user 
authentication because (a) the first and the second user 
authentications in the authentication security system, as recited in the 
claim, are not necessary to be entered by the human user, which is 
also consistent with the disclosure that appears in the appellant's 
specification (Page 10, 2""^ Para and Page 13, 4*^ Para) and (b) Wu's 
unified login therefore invokes multiple logical authentication services 
and the associated security contexts (or credentials) that are 
dvnamicallv built and aggregated during the run-time based upon the 
control flag setting and the results of previous account management 
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services (Column 8 Line 44 - 67, Column 6 Line 65 - Column 7 Line 4, 
Column 1 6 Line 1 9 - 32, Column 1 1 Line 28 - 34 and Column 25 Line 
16 - 27 & Table 1). Therefore, by using Wu's stacking authentication 
services, the security contexts are aggregated accordingly (i.e. multiple 
application accounts can be co-existed and dynamically managed at 
the same time) depending upon which authentications are invoked and 
what credentials are created during the run-time and as such Wu does 
not teach away from a second user authentication by its unified single 
user login. 

2. There v\^ould have been no motivation to combine Savill and 
Wu's references. 

Appellant asserts that there would have been no motivation to 
combine Savill and Wu's references. Examiner respectfully disagrees, 
Wu's reference resolves the problem presented by Savill attempting to 
avoid logoff existing user application account prior to logon to a new 
user application account (Savill: Page 1 Line 4). See MPEP §2143.01 
- There are three possible sources for a motivation to combine 
references: the nature of the problem to be solved , the teachings of the 
prior art, and the knowledge of persons of ordinary skill in the art. In re 
Rouffet 149 F.3d 1350, 1357, 47 USPQ2d 1453, 1457-58 (Fed. Cir. 
1998). Examiner notes Wu is a nature of solving problems in Savill 
because Wu teaches both of the existing and new user application 
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accounts can be managed at the same time (Wu: Column 2 Line 62 - 
67: there is no need to logout all authentication services before login 
another session) by using ynjfjed.login with^s^^ 
services that invokes multiple logical authentication services and 
dynamically builds and aggregates associated security contexts (or 
credentials) during the run-time based upon the control flag setting and 
the results of previous account management services (Column 8 Line 
44-67, Column 6 Line 65 - Column 7 Line 4, Column 1 6 Line 1 9 - 
32, Column 1 1 Line 28 - 34 and Column 25 Line 1 6 - 27 & Table 1 ). 

3. Claims 6, 14 and 22: Savill expressly teaches away from the 
features of claim 6, by teaching a technique that avoids logoff. 

Appellant alleged: "Savill expressly teaches away from the features 
of claim 6, by teaching a technique that avoid logoff'. Examiner 
respectfully disagrees. Examiner notes "avoid logofT' as alleged by 
Appellant is interpreted in such a way that Savill discloses to avoid 
closing / logoff all applications prior to running / login another 
application (Savill: Page 1 Line 4 - 5), which is also very similar to the 
purpose of starting a new session application without logout all existing 
sessions, as taught by Wu (Column 2 Line 62 - 67). Furthermore, 
Savill discloses to avoid closing / logoff all applications prior to running 
/ login another application and allow the user to temporarilv start 
applications running In the security context of a different account 
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(Savill: Page 1 Line 4-5) and therefore, after establishing and 
servicing combined multiple account service managements, the logoff 
would logout the temporarv new application first and thus revert back 
to the original user application account and as such Savill does not 
teach away from the features of claim 6 as alleged by Applicant. 

4. Claims 7, 11, 15 and 23 have been reconsidered and allowed 
over the prior arts of the record with respect to appellant's 
argument. 

Note: The appellant's statement of the status of EVIDENCE 
APPENDIX after final rejection contained in the brief is correct. 

(11) Related Proceeding(s) Appendix 

No decision rendered by a court or the Board is identified by the examiner 
in the Related Appeals and Interferences section of this examiner's answer. 
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For the above reasons, it is believed that the rejections should be 
sustained. 

Respectfully submitted, 
Longbit Chai'oi^ 

IM VU 

SUPERVISORY PATENT EXAMINER 
Conferees: TECHNOLOGY CENTER 2100 




KimVu 
Kambiz Zand 



